Cyber Crime Investigations

Legal Standards Relevant to Information Security

Laws are made by politicians and politicians are driven by public and media reaction to specific incidents. Laws, therefore, are made piecemeal, at least until a critical mass is reached, which then leads lawmakers to conclude that an emerging patchwork of related, but often inconsistent, laws and regulations require an omnibus law to create consistency and greater predictability. In the absence of such a unifying federal law, particular industries or sectors are targeted for regulation as perceived problems in those industries become public. Laws and regulations covering targeted industries are gradually expanded through civil litigation and regulatory action that is limited only by the patience of judges and the imagination of plaintiffs lawyers, prosecutors, and regulators.

This is the current situation in the law of information security. As discussed in Selected Federal Laws below, federal law regulates information security for, among other things, personally identifiable health care information, financial information of individuals, and, to an increasing degree, financial information in the hands of publicly traded companies. Though there is no omnibus federal statute governing all information security, the standards of care being created for these specific economic sectors are being exported to other business areas through civil litigation, including by regulators and state attorneys general.19

For information security practitioners, this is a good news/bad news story. Often, attempts at comprehensive regulation turn out to be a jumbled mess, particularly when multiple economic sectors with differing operational environments and needs are being regulated. Such regulation...

UNLIMITED FREE
ACCESS
TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Category: Legal Services
Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.